Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/PAuKsuFt7pkYvy0oyMfH5VacHzI.roa
File: PAuKsuFt7pkYvy0oyMfH5VacHzI.roa (raw, json)
Hash identifier: adrcrPAIe+TA0rASKTVsAt9a6j5vzTiBzEaEb9/EId0=
Subject key identifier: 3C:0B:8A:B2:E1:6D:EE:99:18:BF:2D:28:C8:C7:C7:E5:56:9C:1F:32
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 2634BD7B
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/PAuKsuFt7pkYvy0oyMfH5VacHzI.roa
Signing time: Sat 01 Jan 2022 07:02:52 +0000
ROA not before: Sat 01 Jan 2022 07:02:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56867
IP address blocks: 2a02:20c8:1421::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 640990587 (0x2634bd7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 1 07:02:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c0b8ab2e16dee9918bf2d28c8c7c7e5569c1f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:74:ae:44:fe:6d:e3:95:8f:bc:e9:4f:68:83:
30:f2:a3:2f:32:29:8c:32:d6:de:b1:f9:5b:42:40:
11:af:ba:b4:a6:58:48:2e:2d:c2:8a:3e:26:50:a9:
1f:35:07:fa:bb:21:e7:8f:e1:52:ab:de:b0:68:1c:
68:a6:5a:b6:61:84:f1:f0:a8:7b:df:10:14:40:9b:
f5:d0:23:50:05:14:5a:51:13:dd:da:87:16:8f:d1:
4f:bc:2f:4b:05:81:c8:37:f2:fc:5a:90:00:5e:88:
90:6e:7e:9e:76:6f:40:0f:5e:b2:82:0d:e8:ee:a9:
e7:80:ae:84:14:9b:81:c2:95:73:60:92:ca:c8:43:
3d:49:87:ea:57:9b:12:8a:fd:bb:a4:20:e1:23:fe:
fd:84:c1:c6:46:13:3e:75:0a:1b:ba:76:e3:fc:c6:
11:27:ee:98:48:29:06:65:d5:7b:15:f0:f4:fd:4c:
8c:b7:91:56:62:ec:c2:68:f1:57:17:32:64:57:c8:
9d:1b:f9:1b:9a:98:f4:30:e0:2d:0f:e8:90:e2:db:
3f:2d:ef:d2:6e:70:cf:91:63:cb:5c:12:ed:00:c0:
80:2c:f1:d3:00:09:95:cc:30:ef:3d:2b:b5:c3:cd:
aa:6e:58:2d:e6:56:08:af:9c:34:6f:70:5f:9c:f4:
f4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:0B:8A:B2:E1:6D:EE:99:18:BF:2D:28:C8:C7:C7:E5:56:9C:1F:32
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/PAuKsuFt7pkYvy0oyMfH5VacHzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:20c8:1421::/48
Signature Algorithm: sha256WithRSAEncryption
24:f3:02:61:2f:39:3c:92:ea:08:d1:fb:b7:06:5b:6f:39:53:
c3:a3:51:99:d0:6a:75:ae:14:70:eb:3d:51:d9:bd:d9:15:21:
38:58:04:b0:9c:f2:2d:6b:b2:92:3e:57:b2:80:eb:ef:ca:7a:
ad:23:75:3b:79:9f:b9:3d:a3:2c:13:46:b9:02:6b:71:b3:cc:
25:8e:61:a7:22:4d:3d:b4:17:4a:4e:b7:ef:dc:0b:76:68:7f:
59:1d:fe:f7:8a:8e:09:88:b7:3c:ed:8c:b6:60:f1:33:2d:8b:
e0:79:66:27:fe:18:4e:86:34:ba:b7:21:56:da:37:90:da:6b:
c0:49:d0:29:63:ee:12:69:42:30:9d:6c:cc:32:4b:01:06:cc:
3c:d9:d2:0c:cc:0b:59:5b:ea:6f:8e:77:23:92:db:b4:7f:38:
f5:31:fb:1b:c4:44:4a:c6:50:83:fa:c6:91:73:a2:9f:02:63:
3d:48:e2:b8:58:96:9a:0d:6c:37:00:35:1d:a2:bc:20:c1:1c:
35:1d:7a:66:03:66:21:86:97:78:55:50:ef:56:ca:2d:a1:e6:
9f:37:3f:e4:28:da:6c:d6:3e:8b:2a:36:a1:2f:87:e9:6a:fe:
33:f6:18:3b:cf:3f:e2:85:94:a5:b9:71:d1:a4:56:5b:c1:2c:
d5:4f:26:c6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEJjS9ezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWJkY2ZmNzdiZjA2MGQ1ZGExMmRlNDVlMjA3MmUxY2ZmNDU2MGE3MB4XDTIyMDEw
MTA3MDI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MwYjhhYjJlMTZk
ZWU5OTE4YmYyZDI4YzhjN2M3ZTU1NjljMWYzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANt0rkT+beOVj7zpT2iDMPKjLzIpjDLW3rH5W0JAEa+6tKZY
SC4twoo+JlCpHzUH+rsh54/hUqvesGgcaKZatmGE8fCoe98QFECb9dAjUAUUWlET
3dqHFo/RT7wvSwWByDfy/FqQAF6IkG5+nnZvQA9esoIN6O6p54CuhBSbgcKVc2CS
yshDPUmH6lebEor9u6Qg4SP+/YTBxkYTPnUKG7p24/zGESfumEgpBmXVexXw9P1M
jLeRVmLswmjxVxcyZFfInRv5G5qY9DDgLQ/okOLbPy3v0m5wz5Fjy1wS7QDAgCzx
0wAJlcww7z0rtcPNqm5YLeZWCK+cNG9wX5z09IcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ8C4qy4W3umRi/LSjIx8flVpwfMjAfBgNVHSMEGDAWgBRlvc/3e/Bg1doS
3kXiBy4c/0VgpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1piM1A5M3Z3WU5YYUV0NUY0Z2N1SFA5RllLYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvMTk1ZjNkLWE4NTEtNDU1YS05YjBmLWQ3MGNkOTdmNDg1Ny8x
L1BBdUtzdUZ0N3BrWXZ5MG95TWZINVZhY0h6SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
MTk1ZjNkLWE4NTEtNDU1YS05YjBmLWQ3MGNkOTdmNDg1Ny8xL1piM1A5M3Z3WU5Y
YUV0NUY0Z2N1SFA5RllLYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoCIMgUITANBgkqhkiG9w0BAQsF
AAOCAQEAJPMCYS85PJLqCNH7twZbbzlTw6NRmdBqda4UcOs9Udm92RUhOFgEsJzy
LWuykj5XsoDr78p6rSN1O3mfuT2jLBNGuQJrcbPMJY5hpyJNPbQXSk6379wLdmh/
WR3+94qOCYi3PO2MtmDxMy2L4HlmJ/4YToY0urchVto3kNprwEnQKWPuEmlCMJ1s
zDJLAQbMPNnSDMwLWVvqb453I5LbtH849TH7G8RESsZQg/rGkXOinwJjPUjiuFiW
mg1sNwA1HaK8IMEcNR16ZgNmIYaXeFVQ71bKLaHmnzc/5CjabNY+iyo2oS+H6Wr+
M/YYO88/4oWUpblx0aRWW8Es1U8mxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:32 2024 by rpki-client on console-fra.rpki-client.org